lifinance · ezynda3 · Jan 10, 2025 · Dec 19, 2024 · Jan 7, 2025 · Jan 7, 2025
diff --git a/audit/auditLog.json b/audit/auditLog.json
@@ -91,6 +91,13 @@
       "auditReportPath": "./audit/reports/2025.01.09_ThorSwapFacet(v1.2.1).pdf",
       "auditCommitHash": "5005bf62858a9cb2a7628976ef870e91bb732a75"
     },
+    "audit20250109_2": {
+      "auditCompletedOn": "09.01.2025",
+      "auditedBy": "Sujith Somraaj (individual security researcher)",
+      "auditorGitHandle": "sujithsomraaj",
+      "auditReportPath": "./audit/reports/2025.01.09_WithdrawablePeripheryUpdates.pdf",
+      "auditCommitHash": "ec76b33cedd69338e569c7994b99b03cb7e6d502"
+    },
     "audit20250109_3": {
       "auditCompletedOn": "09.01.2025",
       "auditedBy": "Sujith Somraaj (individual security researcher)",
@@ -129,6 +136,16 @@
         "audit20241105"
       ]
     },
+    "ERC20Proxy": {
+      "1.1.0": [
+        "audit20250109_2"
+      ]
+    },
+    "Executor": {
+      "2.1.0": [
+        "audit20250109_2"
+      ]
+    },
     "FeeCollector": {
       "1.0.1": [
         "audit20250109_3"
@@ -167,6 +184,9 @@
       "1.5.0": [
         "audit20241203"
       ],
+      "1.6.0": [
+        "audit20250109_2"
+      ],
       "1.5.1": [
         "audit20250109_3"
       ]
@@ -187,6 +207,9 @@
     "Receiver": {
       "2.0.3": [
         "audit20250109_3"
+      ],
+      "2.1.0": [
+        "audit20250109_2"
       ]
     },
     "ReceiverAcrossV3": {
@@ -196,17 +219,26 @@
       "1.0.1": [
         "audit20241206"
       ],
-      "1.0.3": [
-        "audit20250109_3"
+      "1.1.0": [
+        "audit20250109_2"
       ]
     },
     "ReceiverStargateV2": {
       "1.0.1": [
         "audit20250109_3"
+      ],
+      "1.1.0": [
+        "audit20250109_2"
       ]
     },
     "RelayerCelerIM": {
-      "2.0.1": [
+      "1.0.3": [
+        "audit20250109_3"
+      ],
+      "2.1.0": [
+        "audit20250109_2"
+      ],
+      "2.1.1": [
         "audit20250109_3"
       ]
     },
@@ -228,6 +260,9 @@
     "TokenWrapper": {
       "1.0.1": [
         "audit20250109_3"
+      ],
+      "1.1.0": [
+        "audit20250109_2"
       ]
     },
     "WithdrawablePeriphery": {

diff --git a/audit/reports/2025.01.09_WithdrawablePeripheryUpdates.pdf b/audit/reports/2025.01.09_WithdrawablePeripheryUpdates.pdf
diff --git a/docs/Receiver.md b/docs/Receiver.md
@@ -68,17 +68,3 @@ function swapAndCompleteBridgeTokens(
     address payable receiver
 )
 ```
-
-This method is used to send remaining tokens to receiver.
-
-```solidity
-/// @notice Send remaining token to receiver
-/// @param assetId token received from the other chain
-/// @param receiver address that will receive tokens in the end
-/// @param amount amount of token
-function pullToken(
-    address assetId,
-    address payable receiver,
-    uint256 amount
-)
-```
diff --git a/docs/ReceiverAcrossV3.md b/docs/ReceiverAcrossV3.md
@@ -23,17 +23,3 @@ The contract has one method which will (and can only) be called through the Acro
         bytes memory message
     )
 ```
-
-Furthermore there is one (admin) method that allows withdrawals of stuck tokens by LI.FI administrators:
-
-```solidity
-/// @notice Send remaining token to receiver
-/// @param assetId token received from the other chain
-/// @param receiver address that will receive tokens in the end
-/// @param amount amount of token
-function pullToken(
-    address assetId,
-    address payable receiver,
-    uint256 amount
-)
-```
diff --git a/docs/ReceiverStargateV2.md b/docs/ReceiverStargateV2.md
@@ -24,17 +24,3 @@ The contract has one method which will be called through the LayerZero endpoint:
       bytes calldata
 )
 ```
-
-Furthermore there is one (admin) method that allows withdrawals of stuck tokens by LI.FI administrators:
-
-```solidity
-/// @notice Send remaining token to receiver
-/// @param assetId token received from the other chain
-/// @param receiver address that will receive tokens in the end
-/// @param amount amount of token
-function pullToken(
-    address assetId,
-    address payable receiver,
-    uint256 amount
-)
-```
diff --git a/script/deploy/facets/DeployTokenWrapper.s.sol b/script/deploy/facets/DeployTokenWrapper.s.sol
@@ -26,6 +26,12 @@ contract DeployScript is DeployScriptBase {
             "/config/networks.json"
         );
 
+        // get path of global config file
+        string memory globalConfigPath = string.concat(
+            root,
+            "/config/global.json"
+        );
+
         // read file into json variable
         string memory tokenWrapperConfigJSON = vm.readFile(tokenWrapperConfig);
 
@@ -34,6 +40,14 @@ contract DeployScript is DeployScriptBase {
             string.concat(".", network, ".wrappedNativeAddress")
         );
 
-        return abi.encode(wrappedNativeAddress);
+        // read file into json variable
+        string memory globalConfigJson = vm.readFile(globalConfigPath);
+
+        // extract refundWallet address
+        address refundWalletAddress = globalConfigJson.readAddress(
+            ".refundWallet"
+        );
+
+        return abi.encode(wrappedNativeAddress, refundWalletAddress);
     }
 }
diff --git a/script/deploy/zksync/DeployTokenWrapper.s.sol b/script/deploy/zksync/DeployTokenWrapper.s.sol
@@ -20,20 +20,34 @@ contract DeployScript is DeployScriptBase {
     }
 
     function getConstructorArgs() internal override returns (bytes memory) {
-        // get path of global network config file
-        string memory networkConfig = string.concat(
+        // get path of global config file
+        string memory tokenWrapperConfig = string.concat(
             root,
             "/config/networks.json"
         );
 
+        // get path of global config file
+        string memory globalConfigPath = string.concat(
+            root,
+            "/config/global.json"
+        );
+
         // read file into json variable
-        string memory networkConfigJSON = vm.readFile(networkConfig);
+        string memory tokenWrapperConfigJSON = vm.readFile(tokenWrapperConfig);
 
         // extract wrapped token address for the given network
-        address wrappedNativeAddress = networkConfigJSON.readAddress(
+        address wrappedNativeAddress = tokenWrapperConfigJSON.readAddress(
             string.concat(".", network, ".wrappedNativeAddress")
         );
 
-        return abi.encode(wrappedNativeAddress);
+        // read file into json variable
+        string memory globalConfigJson = vm.readFile(globalConfigPath);
+
+        // extract refundWallet address
+        address refundWalletAddress = globalConfigJson.readAddress(
+            ".refundWallet"
+        );
+
+        return abi.encode(wrappedNativeAddress, refundWalletAddress);
     }
 }
diff --git a/src/Periphery/ERC20Proxy.sol b/src/Periphery/ERC20Proxy.sol
@@ -1,27 +1,22 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.17;
 
-import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
 import { LibAsset } from "../Libraries/LibAsset.sol";
+import { WithdrawablePeriphery } from "../Helpers/WithdrawablePeriphery.sol";
 
 /// @title ERC20 Proxy
 /// @author LI.FI (https://li.fi)
 /// @notice Proxy contract for safely transferring ERC20 tokens for swaps/executions
-/// @custom:version 1.0.0
-contract ERC20Proxy is Ownable {
+/// @custom:version 1.1.0
+contract ERC20Proxy is WithdrawablePeriphery {
     /// Storage ///
     mapping(address => bool) public authorizedCallers;
 
-    /// Errors ///
-    error UnAuthorized();
-
     /// Events ///
     event AuthorizationChanged(address indexed caller, bool authorized);
 
     /// Constructor
-    constructor(address _owner) {
-        transferOwnership(_owner);
-    }
+    constructor(address _owner) WithdrawablePeriphery(_owner) {}
 
     /// @notice Sets whether or not a specified caller is authorized to call this contract
     /// @param caller the caller to change authorization for

diff --git a/src/Periphery/Executor.sol b/src/Periphery/Executor.sol
@@ -7,15 +7,22 @@ import { LibAsset } from "../Libraries/LibAsset.sol";
 import { UnAuthorized } from "lifi/Errors/GenericErrors.sol";
 import { ILiFi } from "../Interfaces/ILiFi.sol";
 import { IERC20Proxy } from "../Interfaces/IERC20Proxy.sol";
+import { WithdrawablePeriphery } from "../Helpers/WithdrawablePeriphery.sol";
 import { ERC1155Holder } from "@openzeppelin/contracts/token/ERC1155/utils/ERC1155Holder.sol";
 import { ERC721Holder } from "@openzeppelin/contracts/token/ERC721/utils/ERC721Holder.sol";
 import { IERC20 } from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
 
 /// @title Executor
 /// @author LI.FI (https://li.fi)
 /// @notice Arbitrary execution contract used for cross-chain swaps and message passing
-/// @custom:version 2.0.0
-contract Executor is ILiFi, ReentrancyGuard, ERC1155Holder, ERC721Holder {
+/// @custom:version 2.1.0
+contract Executor is
+    ILiFi,
+    ReentrancyGuard,
+    ERC1155Holder,
+    ERC721Holder,
+    WithdrawablePeriphery
+{
     /// Storage ///
 
     /// @notice The address of the ERC20Proxy contract
@@ -64,7 +71,10 @@ contract Executor is ILiFi, ReentrancyGuard, ERC1155Holder, ERC721Holder {
     /// Constructor
     /// @notice Initialize local variables for the Executor
     /// @param _erc20Proxy The address of the ERC20Proxy contract
-    constructor(address _erc20Proxy) {
+    constructor(
+        address _erc20Proxy,
+        address _owner
+    ) WithdrawablePeriphery(_owner) {
         erc20Proxy = IERC20Proxy(_erc20Proxy);
         emit ERC20ProxySet(_erc20Proxy);
     }

diff --git a/src/Periphery/LiFiDEXAggregator.sol b/src/Periphery/LiFiDEXAggregator.sol
@@ -3,7 +3,7 @@
 pragma solidity ^0.8.17;
 
 import { SafeERC20, IERC20, IERC20Permit } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
-import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
+import { WithdrawablePeriphery } from "../Helpers/WithdrawablePeriphery.sol";
 import { SafeTransferLib } from "solady/utils/SafeTransferLib.sol";
 
 address constant NATIVE_ADDRESS = 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE;
@@ -23,8 +23,8 @@ uint160 constant MAX_SQRT_RATIO = 1461446703485210103287273052203988822378723970
 /// @title LiFi DEX Aggregator
 /// @author Ilya Lyalin (contract copied from: https://github.com/sushiswap/sushiswap/blob/c8c80dec821003eb72eb77c7e0446ddde8ca9e1e/protocols/route-processor/contracts/RouteProcessor4.sol)
 /// @notice Processes calldata to swap using various DEXs
-/// @custom:version 1.5.1
-contract LiFiDEXAggregator is Ownable {
+/// @custom:version 1.6.0
+contract LiFiDEXAggregator is WithdrawablePeriphery {
     using SafeERC20 for IERC20;
     using Approve for IERC20;
     using SafeERC20 for IERC20Permit;
@@ -58,13 +58,17 @@ contract LiFiDEXAggregator is Ownable {
 
     modifier onlyOwnerOrPriviledgedUser() {
         require(
-            msg.sender == owner() || priviledgedUsers[msg.sender],
+            msg.sender == owner || priviledgedUsers[msg.sender],
             "RP: caller is not the owner or a privileged user"
         );
         _;
     }
 
-    constructor(address _bentoBox, address[] memory priviledgedUserList) {
+    constructor(
+        address _bentoBox,
+        address[] memory priviledgedUserList,
+        address _owner
+    ) WithdrawablePeriphery(_owner) {
         bentoBox = IBentoBoxMinimal(_bentoBox);
         lastCalledPool = IMPOSSIBLE_POOL_ADDRESS;
 

diff --git a/src/Periphery/Receiver.sol b/src/Periphery/Receiver.sol
@@ -8,14 +8,14 @@ import { LibSwap } from "../Libraries/LibSwap.sol";
 import { LibAsset } from "../Libraries/LibAsset.sol";
 import { ILiFi } from "../Interfaces/ILiFi.sol";
 import { IExecutor } from "../Interfaces/IExecutor.sol";
-import { TransferrableOwnership } from "../Helpers/TransferrableOwnership.sol";
+import { WithdrawablePeriphery } from "../Helpers/WithdrawablePeriphery.sol";
 import { ExternalCallFailed, UnAuthorized } from "../Errors/GenericErrors.sol";
 
 /// @title Receiver
 /// @author LI.FI (https://li.fi)
 /// @notice Arbitrary execution contract used for cross-chain swaps and message passing
-/// @custom:version 2.0.3
-contract Receiver is ILiFi, ReentrancyGuard, TransferrableOwnership {
+/// @custom:version 2.1.0
+contract Receiver is ILiFi, ReentrancyGuard, WithdrawablePeriphery {
     using SafeERC20 for IERC20;
 
     /// Storage ///
@@ -51,8 +51,7 @@ contract Receiver is ILiFi, ReentrancyGuard, TransferrableOwnership {
         address _amarokRouter,
         address _executor,
         uint256 _recoverGas
-    ) TransferrableOwnership(_owner) {
-        owner = _owner;
+    ) WithdrawablePeriphery(_owner) {
         sgRouter = _sgRouter;
         amarokRouter = _amarokRouter;
         executor = IExecutor(_executor);
@@ -168,22 +167,6 @@ contract Receiver is ILiFi, ReentrancyGuard, TransferrableOwnership {
         }
     }
 
-    /// @notice Send remaining token to receiver
-    /// @param assetId token received from the other chain
-    /// @param receiver address that will receive tokens in the end
-    /// @param amount amount of token
-    function pullToken(
-        address assetId,
-        address payable receiver,
-        uint256 amount
-    ) external onlyOwner {
-        if (LibAsset.isNativeAsset(assetId)) {
-            SafeTransferLib.safeTransferETH(receiver, amount);
-        } else {
-            IERC20(assetId).safeTransfer(receiver, amount);
-        }
-    }
-
     /// Private Methods ///
 
     /// @notice Performs a swap before completing a cross-chain transaction